A German consumer rights group said on Monday that a court had found Facebook's use of personal data to be illegal because the U.S. social media platform did not adequately secure the informed consent of its users.

The verdict, from a Berlin regional court, comes as Big Tech faces increasing scrutiny in Germany over its handling of sensitive personal data that enables it to micro-target online advertising.

The Federation of German Consumer Organisations (vzvb) said that Facebook's default settings and some of its terms of service were in breach of consumer law, and that the court had found parts of the consent to data usage to be invalid.

+2

A German consumer rights group said on Monday that a court had found Facebook's use of personal data to be illegal because the U.S. social media platform did not adequately secure the informed consent of its users. Stock image

'Facebook hides default settings that are not privacy-friendly in its privacy centre and does not provide sufficient information about it when users register,' said Heiko Duenkel, litigation policy officer at the vzvb.

'This does not meet the requirement for informed consent.' The vzvb posted a copy of the ruling on its website.

A court spokesperson confirmed that a judgment had been handed down but declined further comment.

Facebook said it would appeal, even though several aspects of the court judgment had been in its favour.

In a statement, it said it had already made significant changes to its terms of service and data protection guidelines since the case was first brought in 2015.

SHARE THIS ARTICLE

Share

15 shares

'We are working hard to ensure that our guidelines are clear and easy to understand, and that the services offered by Facebook are in full accordance with the law,' Facebook said.

Further, Facebook would in the meantime update its data protection guidelines and its terms of service so that they comply with new European Union-wide rules that are due to enter force in June.

Facebook, which counts more than 2 billion users worldwide, already faces scrutiny from Germany's competition authorities over its handling of its users' personal data.

The Federal Cartel Office, in an interim update on an investigation into Facebook, said in December that it objected to the way the company gains access to third-party data when an account is opened.

WHAT ARE FACEBOOK'S PRIVACY PRINCIPLES?

Facebook's privacy principles, which are separate from its terms and conditions, outline how the company handles users' information.

The company published the rules online for the first time in January 2018 ahead of a tough new EU data protection law.

1) We give you control of your privacy: Facebook users should have the option to make choices about their privacy and know where to go to change their privacy settings.

2) We help people understand how their data is used: The firm describes how it uses people's data in its Data Policy but also includes features such as 'ad controls' in the top right corner of every advertisement.

3) We design privacy into our products from the outset: Facebook says it designs privacy into its services with guidance from experts in data protection and privacy law, security, engineering, public policy, and more.

+2

Facebook's privacy principles, which are separate from its terms and conditions, outline how the company handles users' information (stock image)

4) We work hard to keep your information secure: The company says it works around the clock' to help protect people's accounts and build security into every Facebook product.

5) You own and can delete your information: You decide what you share and who you share it with on Facebook, and can delete posts and your account at any time. Deleting removes data from your timeline and Facebook's servers.

6) Improvement is constant: Facebook says it is 'constantly working' to develop new controls and explain them to people clearly. It works with experts beyond Facebook including designers, privacy professionals and regulators.

7) We are accountable: Facebook undertakes privacy reviews, data security testing, and meets with regulators, legislators and privacy experts to get input on data practices and policies, the company said.

This includes tapping information from its own WhatsApp and Instagram products - as well as how it tracks which sites its users access.

One concern highlighted by the consumer rights group was that, in Facebook's app for smartphones, a service was pre-activated that revealed the user's location to the person they were chatting to.

Also, in the privacy settings, ticks were already placed in boxes that allowed search engines to link to the user's timeline, meaning that anyone would be able quickly and easily to find a user's profile.

'The judges ruled that all five of the default settings on Facebook that vzvb complained about are invalid,' the group said in a statement, adding that several other of Facebook's terms of use were found to be illegal.